Advertisement

Secure acceleration of DSS signatures using insecure server

  • Philippe Béguin
  • Jean -Jacques Quisquater
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 917)

Abstract

Small units like chip cards (smart card) have the possibility of computing, storing and protecting data. Today such chip cards have limited computing power and some cryptoprotocols are too slow. Some new chip cards with secure coprocessors are coming but are not very reliable at the moment and a little bit expensive.

A possible alternative solution is to use an auxiliary unit in order to help the chip card. The known protocols are not very secure or are not efficient.

We show how to accelerate the computation of a x b mod c and of a t mod c where a, b, c, t are public. Next we show how to accelerate the discrete exponential modulo a prime number: this protocol is useful to accelerate DSS signatures and other schemes. This protocol is also the first one accelerating DSS signatures with the help of an insecure server: it is secure against both passive and active attacks (that is, when the server sends false values to get some information from the card). Moreover, this protocol is the first secure such a protocol which does not use precomputations in the card.

We describe a feasible version of these protocols, where the used RAM is small: with current chip cards it is thus possible to implement effectively such protocols.

Keywords

Prime Number Smart Card Active Attack Modular Multiplication Secure Link 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Anderson, R. J.: Attack on server-assisted authentication protocols. Electronic Letters (1992) p. 1473.Google Scholar
  2. 2.
    Brickell, E., Gordon, D. M., McCurley, K. S., Wilson, D.: Fast exponentiation with precomputation. In Advances in Cryptology — Proceedings of Eurocrypt '92 (1993) vol. Lecture Notes in Computer Science 658 Springer-Verlag pp. 200–207.Google Scholar
  3. 3.
    Couvreur, C., Quisquater, J.-J.: An introduction to fast generation of large prime numbers. Philips Journal of Research (1982) pp. 231–264.Google Scholar
  4. 4.
    Kawamura, S., Shimbo, A.: Fast server-aided secret computation protocols for modular exponentiation. IEEE Journal on selected areas communications 11 (1993).Google Scholar
  5. 5.
    Matsumoto, T., Imai, H., Laih, C.-S., Yen, S.-M.: On verifiable implicit asking protocols for RSA computation. In Advances in Cryptology — Proceedings of Auscrypt' 92 (1993) vol. Lecture Notes in Computer Science 718 Springer-Verlag pp. 296–307.Google Scholar
  6. 6.
    Matsumoto, T., Kato, K., Imai, H.: Speeding up secret computation with insecure auxiliary devices. In Advances in Cryptology — Proceedings of Crypto '88 (1989) vol. Lecture Notes in Computer Science 403 Springer-Verlag pp. 497–506.Google Scholar
  7. 7.
    NIST: FIPS 186 for Digital Signature Standard (DSS).Google Scholar
  8. 8.
    Pfitzmann, B., Waidner, M.: Attacks on protocols for server-aided RSA computation. In Advances in Cryptology — Proceedings of Eurocrypt '92 (1993) vol. Lecture Notes in Computer Science 658 Springer-Verlag pp. 153–162.Google Scholar
  9. 9.
    Quisquater, J.-J., Soete, M. D.: Speeding up smart card RSA computation with insecure coprocessors. In Procedings of Smart Cards 2000 (1989) pp. 191–197.Google Scholar
  10. 10.
    Rivest, R., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM 21 (1978) pp. 120–126.Google Scholar
  11. 11.
    Schnorr, C.: Efficient identification and signatures for smart cards. In Advances in Cryptology — Proceedings of CRYPTO '89 (1990) vol. Lecture Notes in Computer Science 435 Springer-Verlag pp. 235–251.Google Scholar
  12. 12.
    Yen, S.-M., Laih, C.-S.: More about the active attack on the server-aided secret computation protocol. Electronic Letters (1992) p. 2250.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1995

Authors and Affiliations

  • Philippe Béguin
    • 1
  • Jean -Jacques Quisquater
    • 2
  1. 1.Laboratoire d'informatiqueEcole Normale SupérieureParis Cedex 05France
  2. 2.Laboratoire DICEUniversité Catholique de LouvainLouvain-la-NeuveBelgium

Personalised recommendations